- Created by Annegret Bernhardt, last modified on Jan 12, 2024
To view all APIs your user is allowed to see, go to tab My APIs in the navigation bar.
The APIs are listed by organizations. For detailed information about navigating and filtering the list refer to Working With the API Management. | |
You can also view the list of existing APIs for an organization by navigating to the APIs tab of the organization's details page. Click on an API tile to open the API's details page. Use the details page to modify the configuration. |
Basic Settings
The Overview tab displays the most important information about an API and also offers various functionalities:
UI Element | Name | Description |
---|---|---|
Basic Settings (available in all tabs) | ||
1 | Image | Click the API logo to upload your own image for this API. The image will be displayed in the API tile in API Management as well as in the API Developer Portal. This setting is valid for all versions of the API. |
2 | Name / Description |
|
3 | Version | In this field, the current version of the API is displayed. Use the drop-down to switch between versions. To create a new version, click New Version (refer to The Concepts of API Management > Versioning for detailed information). |
4 | Delete | Click Delete to remove the API. You will need to confirm the deletion in a separate pop-up window. This setting is valid for all versions of the API. |
5 | Status | In this field, the current status of the API is displayed. Use the drop-down to change the status. An API can have the following states: |
6 | Navigation Bar | Use the navigation bar to access the various tabs of the API's details page (details of all tabs see below). |
Overview Tab Settings (available only in tab Overview) | ||
7 | API Endpoint | Displays the endpoint of this API in read-only mode. Click Copy to clipcoard to copy the endpoint. Click Try! to open the test UI for this API (refer to Testing APIs for details). |
8 | Attached Policies | Displays a read-only overview on all policies assigned to this API. You can click on the name of a policy. This opens tab Policies where you can adapt the policies of this API. |
9 | API Type | This section displays the API type and associated settings:
Click on the type labels / to open tab Settings where you can adapt the API's implementation. |
10 | Useful Information | The displayed labels show some additional information about the API. The labels are interactive: Click on an entry to switch to the corresponding tab.
|
API Details
In the navigation bar of the details page, you will find several tabs where you can manage the various settings of the API. Refer to Configuring an API for more information about the necessary configuration steps.
Settings
Open tab Settings to provide the details about the backend API implementation:
The following settings are available in this tab:
UI Element | Name | Description | |
---|---|---|---|
1 | Implementation | The URL that the API Management will use to proxy a request made for this API. | |
2 | API Developer Portal | Enable option Feature this API if you want to display the API on the landing page of the API Developer Portal. This setting is valid for all versions of the API. | |
3 | Advanced Settings | Expand this section to display advanced options. | |
API Type | Choose between the options REST, SOAP and UI. | ||
API Content Type | You can select JSON or XML. This information is primarily used to respond with a policy failure or error in the appropriate format. | ||
Gateway | Use the drop-down list to switch between different gateways. Only one gateway is supported in the current version of API Management. | ||
API Security | Choose between the options None, Basic Auth and MTLS/Two-Way-SSL. Please note that BASIC Authentication is not ideal. It is especially insecure if not using SSL/HTTPS to connect to the backend API. Endpoint Level Security Policy security alone does not secure an API’s unmanaged endpoint. Endpoint security also secures the APIs from attempts to bypass the gateway. Scheer PAS API Management supports two endpoint security options: Basic Auth and MTLS (Two-Way-SSL). With Mutual TLS, a two-way trust pattern is created. The gateway trusts the APIs and the APIs trust the gateway. The APIs, however, do not trust the clients. The use of enpoint security prevents that a client can bypass the gateway and access the APIs directly. The endpoint level of security applies to all requests made to the APIs, regardless of the policies configured. | ||
Enable Stateful Request Payload Inspection | If this feature is enabled, the gateway will parse the request body into an object prior to applying the policies. This allows policies to make decisions based on the content of the request payload. | ||
Disable Request Key Stripping | If this feature is enabled, the gateway will not strip the X-API-KEY and apikey query parameter from the request. This allows the gateway to send the keys to the backend endpoint (see also API Key policy). | ||
4 | API Type |
Refer to Configuring an API for details. | |
5 | Plan and Visibility Management |
Refer to Configuring an API for details. |
Documentation
In the Documentation tab you can manage the API definition and the description of the API.
API Definition
An API definition file allows consumers to better understand how to use your API. If you want to test your API directly from API Management, it is necessary to have an API definition.
The following options are available in the API Definiton tab:
UI Element | Setting | Description |
---|---|---|
1 | API Definition Type | Use the drop-down menu API Definition Type to select the type of your definition file:
|
2 | API Definition URL | If you want to load the API definition from a URL source, you can enter the URL in this field. |
3 | Import API Definition | Once you have provided a URL in field API Definition URL, use this button to import the API definition. |
4 | Get API Definition | This button offers two options once an API definition has been provided:
|
5 | Definition Validity | The icon indicates whether the content of the definition editor is valid or not . |
6 | Definition Editor | The editor allows you to adapt the displayed definition. Manual changes are automatically saved, but using Import API Definition again overrides the manual changes. Please note that the autosave is not triggered after the upload of an invalid file. |
7 | Definition Content | In this section, the definition is displayed in a formatted, read-only version. |
If you have imported the API from the PAS Administration, the API definition is populated automatically. Alternatively, you can load a definition from a URL, or add a definition manually. Refer to Configuring an API for details.
Adding or removing policies does not enrich the Open API documentation. You need to adjust your documentation manually. For more information on REST documentation and how to add documentation to xUML services, refer to Bridge Guide > Documenting a REST Service.
Markdown Description
In tab Markdown Description you can provide a description of your API to help developers understand how to use your API. To enable others to easily use your APIs, it is important to provide them with extensive API documentation. You can provide your description by either using the markdown or a text editor:
Policies
The Policies tab allows you to manage the policies that should be applied whenever a request is made to this API. The order of the policies is important: The order in which the policies appear in the user interface determines the order they will be applied at runtime (refer to Policies > Policy Chain for details).
To add another policy to this plan, click one of the Plus buttons . You will be redirected to page Add Policy, where you can choose a policy and customize it (refer to Attaching Policies for details). If you want to adapt an attached policy, click Edit to open the policy configuration. If you want to delete a policy from this API, click Delete .
Refer to chapter Policies for an overview of the standard policies supplied with Scheer PAS API Management. Page Attaching Policies explains how to attach and configure a policy.
Contracts
Use tab Contracts to display a list of all contracts between all clients and this API. The list shows all clients that can consume this API and also clients that are waiting for their request to be approved (refer to Handling Approval Requests for details):
Metrics
Navigate to tab Metrics in the APIs section of API Management to display basic metric information about the API. Once an API has been used, you can use the Metrics tab to view basic analytics information and to figure out, how often the API has been used and when.
Refer to Metrics for detailed information about the available options.
Change Log
Navigate to the Change Log tab if you want to see an overview of changes made for this API. All configuration changes made by API Management users associated with this API are listed here:
- No labels